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DETAILED ACTION 

1 . Claims 1 -26 are pending for examination. 



Double Patenting 

2. The nonstatutory double patenting rejection is based on a judicially created 
doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. A nonstatutory 
obviousness-type double patenting rejection is appropriate where the conflicting claims 
are not identical, but at least one examined application claim is not patentably distinct 
from the reference claim(s) because the examined application claim is either anticipated 
by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 
F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 
USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 
1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 
F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 
USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1 .321 (c) or 1 .321 (d) 
may be used to overcome an actual or provisional rejection based on a nonstatutory 
double patenting ground provided the conflicting application or patent either is shown to 
be commonly owned with this application, or claims an invention made as a result of 
activities undertaken within the scope of a joint research agreement. 
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Effective January 1, 1994, a registered attorney or agent of record may sign a 
terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 
37 CFR 3.73(b). 

3. Claims 1-26 are rejected on the ground of nonstatutory obviousness-type double 
patenting as being unpatentable over claims 1-23 of U.S. Patent No. 6832377. 
Although the conflicting claims are not identical, they are not patentably distinct from 
each other because both computer systems comprise substantially the same elements. 
For example, claims 1-26, functions performed by the steps are the same and obvious 
as the steps of claims 1-23 of U.S. Patent No. 6832377. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

A patent may not be obtained though the invention is not identically disclosed or described as set forth 
in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made to a 
person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived 
by the manner in which the invention was made. 

5. Claims 1 2-1 4 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
hyperDRIVE: Leveraging LDAP to Implement RBAC on the Web" by BARTZ. 



6. 



BARZT was cited in the previous office action. 
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7. As to claims 12 and 13, BARTZ teaches the invention substantially as claim 
including a system for universal registration comprising: 

a digital information server for sending a registration interface dynamic base 
object (authenticated distinguished name reference to the LDAP directory object) (see 
fig. 2; pg. 72 first and second columns; in particular item 1); 

a universal register (LDAP server) for hosting a registration implementation 
dynamic base object (role objects), the registration implementation dynamic base object 
corresponding to the registration interface dynamic base object (see fig. 2; pg. 72 first 
and second column, in particular item 9); 

a plurality of resources (servers), communicatively coupled to the digital 
information server and the universal register via a network, requiring user registration 
(via through the hyperDRIVE Guide applet, the customer invokes an operation such that 
the web server uses its ORB to contact the LDAP server to determine whether the 
customer's authenticated identified (distinguished name) matches the one provided to 
allow the user to use the resource) (see fig. 2; pg. 72 first and second column); and 

wherein in response to using the registration implementation dynamic base 
object (role objects) to provide user registration information, a user of the digital 
information server gains access to contents of any of said plurality of resources (via 
through the hyperDRIVE Guide applet, the customer invokes an operation such that the 
web server uses its ORB to contact the LDAP server to determine whether the 
customer's authenticated identified (distinguished name) matches the one provided to 
allow the user to use the resource) (see fig. 2; pg. 72 first and second column). 
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8. BARTZ does not teach that the network is an information appliance network. 
However, Bartz disclosed his system is an n-tiered internet computing (abstract line 3). 
It would have been obvious to one of ordinary skill in the art that appliance network is 
well known in the art, and since BARTZ teaches that the invention is implemented in 
Java for its "write once, run anywhere" quality it would have been obvious to one of 
ordinary skill in the art that the invention is applicable to an information appliance 
network since the code can run anywhere. 

9. As to claim 14, BARTZ teaches the registration information includes a name (via 
the web client authenticating with the web server / LDAP server in order access various 
business services) (see fig. 2; pg. 72 first and second column). It would be obvious to 
one of ordinary skill in the art that in order to authenticate with a server, the client has to 
send its name. 

1 0. Claims 1 -1 1 , and 1 5-26 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over hyperDRIVE: Leveraging LDAP to Implement RBAC on the Web" by 
BARTZ, and in view of OLIVER et al (hereafter OLIVER) (U.S. Publication No. 
2002/0133412). 



11. 



BARZT was cited in the previous office action. 
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12. As to claim 1, BARTZ teaches the invention substantially as claim including a 
method for providing universal registration, comprising: 

providing user registration information of a user to a universal registration 
resource (via the web client authenticating with the web server / LDAP server in order 
access various business services) (see fig. 2; pg. 72 first and second column), the user 
registration information (distinguished name / user authentication information) 
accessible by providers of resources (via the business data services verify that the user 
is authorized to run the service by communicating with the LDAP server to get the 
user's authentication information) (see fig. 2; pg. 72 first and second column); and 

requesting use of a first provider resource which requires the user registration 
information, wherein the provider resource automatically retrieves the user registration 
information from the universal registration resource to enable the user to access the first 
provider resource (via through the hyperDRIVE Guide applet, the customer invokes an 
operation such that the web server uses its ORB to contact the LDAP server to 
determine whether the customer's authenticated identified (distinguished name) 
matches the one provided to allow the user to use the resource) (see fig. 2; pg. 72 first 
and second column). 

13. BARTZ does not teach that the network is an information appliance network. 
Official Notice is taken in that such a network is well known in the art, and since BARTZ 
teaches that the invention is implemented in Java for its "write once, run anywhere" 
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quality it would be obvious to one of ordinary skill in the art that the invention is 
applicable to an information appliance network since the code can run anywhere. 

14. BARTZ did not specifically teach requesting use of second provider resource 
which requires the user registration information, wherein the provider resource 
automatically retrieves the user registration information from the universal registration 
resource to enable the user to access the second provider resource. 

1 5. However, OLIVER teaches requesting use of second provider resource which 
requires the user registration information, wherein the provider resource automatically 
retrieves the user registration information from the universal registration resource to 
enable the user to access the second provider resource (abstract; paragraphs [0377]). 

16. It would have been obvious to one of an ordinary skill in the art at the time the 
invention was made to have combined the teaching of BARTZ and OLIVER because 
both of the system providing a universal registration information for the resource 
providers to look up in response to a request to access the resource providers. In 
addition, OLIVER teaching of requesting use of second provider resource which 
requires the user registration information, wherein the provider resource automatically 
retrieves the user registration information from the universal registration resource to 
enable the user to access the second provider resource would improved the integrity of 
BARTZ's system by providing a system which includes a verification means adapted to 
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allow each provider verify that the client/user's privilege before granting the access 
(OLIVER, paragraph [0012]). 

17. As to claims 2-6, BARTZ teaches the user registration information is contained in 
a program object (via the role objects / DN (object describing people) being stored in the 
LDAP server which is a directory (see pg 70, Behavioral Summary and pg. 72 first and 
second columns). The cited reference does not detail that the name or object is in a 
string naming convention, however, Official Notice is taken in that object names, 
distinguished names are in a string naming convention that details the location of the 
object, the object name, and a method of the object and therefore it would be obvious 
that the distinguished names or other authentication information provided is in this 
format to be compared with the business services retrieved authentication information 
for the user to see if the user is permitted to access the service. 

18. As to claim 7, BARTZ teaches the registration information includes a name (via 
the web client authenticating with the web server / LDAP server in order access various 
business services) (see fig. 2; pg. 72 first and second column). It is inherent that in 
order to authenticate with a server, the client has to send its name. 

19. As to claim 8, BARTZ teaches the invention substantially as claim including a 
method for accessing contents of a multiple resource (invoking multiple business 
services) by a user (client), comprising: 
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accessing a first resource which requires registration by the user (via the 
business data services verify that the user is authorized to run the service by 
communicating with the LDAP server to get the user's authentication information) (see 
fig. 2; pg. 72 first and second column); 

in response to said first resource supporting universal registration and the user 
being universally registered, obtaining registration information for the first resource from 
a registration dynamic object (LDAP server / directory server) (via the business data 
services verify that the user is authorized to run the service by communicating with the 
LDAP server to get the user's authentication information) (see fig. 2; pg. 72 first and 
second column); and 

allowing the user to access contents of said first resource in response to 
obtaining said registration information for the first resource (via through the hyperDRIVE 
Guide applet, the customer invokes an operation such that the web server uses its ORB 
to contact the LDAP server to determine whether the customer's authenticated identified 
(distinguished name) matches the one provided to allow the user to use the resource) 
(see fig. 2; pg. 72 first and second column). 

20. BARTZ did not specifically teach accessing a second resource which requires 
registration by the user, in response to said second resource supporting universal 
registration and said user being universally registered, obtaining registration information 
for the second resource from the registration dynamic object, and allowing said user to 
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access contents of said second resource in response to obtaining said registration 
information for the second resource (abstract; paragraphs [0364], [0377]-[0383]). 

21 . It would have been obvious to one of an ordinary skill in the art at the time the 
invention was made to have combined the teaching of BARTZ and OLIVER because 
both of the system providing a universal registration information for the resource 
providers to look up in response to a request to access the resource providers. In 
addition, OLIVER teaching of accessing a second resource which requires registration 
by the user, in response to said second resource supporting universal registration and 
said user being universally registered, obtaining registration information for the second 
resource from the registration dynamic object, and allowing said user to access 
contents of said second resource in response to obtaining said registration information 
for the second resource would improved the integrity of BARTZ's system by providing a 
system which includes a verification means adapted to allow each provider verify that 
the client/user's privilege before granting the access (OLIVER, paragraph [0012]). 

22. As to claim 9, BARTZ teaches when the first resource fails to support universal 
registration and the user utilizes a registration dynamic base object, registering the user 
by the registration dynamic base object per pre-registered user data (via the user sends 
its distinguished name to the business service such that it verifies the user has access 
by comparing it to the one stored on the LDAP server wherein the act of authorization 
and authentication are separate activities, thus they occur at different times, SEE PG. 
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70, 4th - 6th paragraphs). The cited teachings of BARTZ, inherently teach allowing the 
registration to occur after the requesting access and dynamically change how the 
resources are protected (pg. 70, second column, behavioral summary). 

23. As to claim 10, BARTZ teaches when the first resource supports universal 
registration and the user is not universally registered, entering registration information 
by the user (via the web client authenticating with the web server / LDAP server in order 
access various business services) (see fig. 2; pg. 72 first and second column). 

24. As to claim 1 1 , BARTZ teaches the registration information includes a name (via 
the web client authenticating with the web server / LDAP server in order access various 
business services) (see fig. 2; pg. 72 first and second column). It is inherent that in 
order to authenticate with a server, the client has to send its. 

25. As to claims 15-18, reference is made to a computer readable medium that 
corresponds to the method of claims 8-1 1 and is therefore met by the rejection of claims 
8-11 above. 

26. As per claim 1 9, OLIVER teaches determining that the provider resource does 
not have said user registration information (abstract). 
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27. As per claim 20, OLIVER teaches that wherein the requesting use of the provider 
resource is a first time request for the use of the provider resource (abstract; paragraph 
[0367]). 

28. As per claims 21-22, they are rejected for the same reason as claims 1 9-20 
above. 

29. As per claims 23-24, BARTZ teaches the invention substantially as claim in claim 
12 above. BARTZ did not specifically teach determining that the provider resource does 
not have said user registration information, and wherein the requesting use of the 
provider resource is a first time request for the use of the provider resource. 

30. However, OLIVER teaches determining that the provider resource does not have 
said user registration information, and wherein the requesting use of the provider 
resource is a first time request for the use of the provider resource (abstract; paragraph 
[0367]). 

31 . It would have been obvious to one of an ordinary skill in the art at the time the 
invention was made to have combined the teaching of BARTZ and OLIVER because 
both of the system providing a universal registration information for the resource 
providers to look up in response to a request to access the resource providers. In 
addition, OLIVER teaching of determining that the provider resource does not have said 
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user registration information, and wherein the requesting use of the provider resource is 
a first time request for the use of the provider resource would improved the integrity of 
BARTZ's system by providing a system which includes a verification means adapted to 
allow each provider verify that the client/user's privilege before granting the access 
(OLIVER, paragraph [0012]). 

32. As per claims 25-26, they are rejected for the same reason as claim 8 above. 

Response to Arguments 

33. Applicant's arguments with respect to claims 1-26 have been considered but are 
moot in view of the new ground(s) of rejection. 

Conclusion 

34. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure (see attached PTO 892 form for details). 

35. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to JENNIFER N. TO whose telephone number is (571)272- 
7212. The examiner can normally be reached on M-T 6AM- 3:30 PM, F 6AM- 2:30 PM. 
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36. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Meng-Ai An can be reached on (571) 272-3756. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

37. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Meng-Ai An/ Jennifer To 

Supervisory Patent Examiner, Art Unit 21 95 Patent Examiner 

AU2195 



